package com.pug.authentication.rest;

import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.StrUtil;
import io.swagger.annotations.Api;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.client.support.BasicAuthenticationInterceptor;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import xq.pug.common.result.R;
import xq.pug.feign.dto.authorization.AuthorizationDTO;
import xq.pug.feign.service.authorzation.TokenServiceFeign;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;

/**
 * @author RenGaoshuai
 * @date 2023/7/11 10:08
 * @description
 */
@RestController
@Api("auth")
@Slf4j
public class AuthenticationController {

    @Value("${ecs.token.scope:all}")
    private String scope;
    @Value("${ecs.token.grantType:client_credentials}")
    private String grantType;

    @Autowired
    TokenServiceFeign tokenServiceFeign;

    /**
     * 远程获取token
     *
     * @param request
     * @return
     */
    @PostMapping(value = "/auth/getToken")
    public R getToken(HttpServletRequest request) {
        String account = request.getHeader("Account");
        if (StrUtil.isBlank(account)){
            return R.ofFail("账号信息不能为空");
        }
        String[] split = Base64.decodeStr(account).split(":");
        if (StrUtil.isBlank(split[0]) || StrUtil.isBlank(split[1])){
            return R.ofFail("账号格式不正确请检查");
        }

        // 创建 ClientCredentialsResourceDetails 对象
        ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
        resourceDetails.setAccessTokenUri("http://localhost:9005/oauth/token");
        resourceDetails.setClientId(split[0]);
        resourceDetails.setClientSecret(split[1]);
        resourceDetails.setGrantType(grantType);
        List<String> scop = new ArrayList<>();
        scop.add(scope);
        resourceDetails.setScope(scop);

        // 创建 OAuth2RestTemplate 对象
        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails);
        //如果配置了security的账户密码，那么就需要在这配置上去
        //restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor("admin", "admin"));
        restTemplate.setAccessTokenProvider(new ClientCredentialsAccessTokenProvider());
        return R.ofSuccess(restTemplate.getAccessToken());
    }

    @PostMapping(value = "/auth/getToken2")
    public R getToken2(HttpServletRequest request) {
        String account = request.getHeader("Account");
        if (StrUtil.isBlank(account)){
            return R.ofFail("账号信息不能为空");
        }
        String[] split = Base64.decodeStr(account).split(":");
        if (StrUtil.isBlank(split[0]) || StrUtil.isBlank(split[1])){
            return R.ofFail("账号格式不正确请检查");
        }

        AuthorizationDTO token = tokenServiceFeign.getToken(scope, grantType, split[0],split[1]);
        return R.ofSuccess(token);
    }


}
